CVE-2021-32543 : Security Advisory and Response

This article provides an in-depth analysis of CVE-2021-32543, a vulnerability in SysJust CTS Web related to broken authentication.

Understanding CVE-2021-32543

CVE-2021-32543 is a vulnerability affecting SysJust CTS Web transaction system, allowing remote attackers to manipulate cookies post-login, thereby gaining unauthorized access to other accounts and conducting fraudulent activities.

What is CVE-2021-32543?

The vulnerability stems from an incorrect implementation of authentication management in the CTS Web system. Attackers exploit this flaw to impersonate users and engage in unauthorized activities, such as trading on the stock market.

The Impact of CVE-2021-32543

With a CVSS base score of 6.5 (Medium severity), the impact of CVE-2021-32543 is notable. Although requiring no special privileges, attackers can compromise the confidentiality and integrity of affected systems.

Technical Details of CVE-2021-32543

The following technical details shed light on the vulnerability:

Vulnerability Description

CVE-2021-32543 allows attackers to manipulate cookies, leading to unauthorized access and spoofed identities within the CTS Web system.

Affected Systems and Versions

SysJust CTS Web versions up to and including 2021.3.25 are susceptible to this vulnerability.

Exploitation Mechanism

Remote attackers can exploit this vulnerability post-authentication by manipulating cookies to gain unauthorized access to sensitive accounts.

Mitigation and Prevention

To mitigate the risks associated with CVE-2021-32543, consider the following steps:

Immediate Steps to Take

Update the CTS Web system to a version released after 2021.3.25 to patch the vulnerability.

Long-Term Security Practices

Regularly monitor and audit authentication mechanisms for any anomalies or suspicious activities.

Patching and Updates

Stay informed about security updates provided by SysJust and promptly apply them to ensure the system's security.